EP3398289C0 - Verfahren, system und vorrichtung mit vorwärtssicherer kryptografie zur passcodeüberprüfung - Google Patents
Verfahren, system und vorrichtung mit vorwärtssicherer kryptografie zur passcodeüberprüfungInfo
- Publication number
- EP3398289C0 EP3398289C0 EP16826678.1A EP16826678A EP3398289C0 EP 3398289 C0 EP3398289 C0 EP 3398289C0 EP 16826678 A EP16826678 A EP 16826678A EP 3398289 C0 EP3398289 C0 EP 3398289C0
- Authority
- EP
- European Patent Office
- Prior art keywords
- passcode verification
- secure cryptography
- cryptography
- secure
- passcode
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title 1
- 238000012795 verification Methods 0.000 title 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/067—Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/04—Masking or blinding
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Radar Systems Or Details Thereof (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201562273138P | 2015-12-30 | 2015-12-30 | |
PCT/US2016/069464 WO2017117520A1 (en) | 2015-12-30 | 2016-12-30 | A method, system and apparatus using forward-secure cryptography for passcode verification |
Publications (3)
Publication Number | Publication Date |
---|---|
EP3398289A1 EP3398289A1 (de) | 2018-11-07 |
EP3398289B1 EP3398289B1 (de) | 2023-06-07 |
EP3398289C0 true EP3398289C0 (de) | 2023-06-07 |
Family
ID=57799953
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP16826678.1A Active EP3398289B1 (de) | 2015-12-30 | 2016-12-30 | Verfahren, system und vorrichtung mit vorwärtssicherer kryptografie zur passcodeüberprüfung |
Country Status (6)
Country | Link |
---|---|
US (1) | US10511438B2 (de) |
EP (1) | EP3398289B1 (de) |
JP (1) | JP6927981B2 (de) |
CN (1) | CN109075965B (de) |
ES (1) | ES2952534T3 (de) |
WO (1) | WO2017117520A1 (de) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102014015814B4 (de) * | 2014-10-24 | 2016-05-04 | Unify Gmbh & Co. Kg | Verfahren zum Authentifizieren eines Benutzergeräts bei der Anmeldung an einem Server |
EP3376421A1 (de) * | 2017-03-17 | 2018-09-19 | Gemalto Sa | Verfahren zur authentifizierung eines benutzers und zugehörige vorrichtung, erste und zweite server und system |
JP2019054466A (ja) * | 2017-09-15 | 2019-04-04 | 株式会社 エヌティーアイ | 通信システム、第1通信装置、第2通信装置、方法、コンピュータプログラム |
US11569998B2 (en) * | 2018-01-25 | 2023-01-31 | Visa International Service Association | Token offline provisioning |
US10389708B1 (en) * | 2019-01-03 | 2019-08-20 | Capital One Services, Llc | Secure authentication of a user associated with communication with a service representative |
GB2585010B (en) * | 2019-06-24 | 2022-07-13 | Blockstar Developments Ltd | Cryptocurrency key management |
FR3105481B1 (fr) * | 2019-12-24 | 2022-12-16 | Thales Sa | Procédé de vérification du mot de passe d'un dongle, programme d'ordinateur, dongle et terminal utilisateur associés |
JP2021141460A (ja) * | 2020-03-05 | 2021-09-16 | キヤノン株式会社 | 被認証装置、認証システムおよび認証方法 |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7085840B2 (en) * | 2001-10-29 | 2006-08-01 | Sun Microsystems, Inc. | Enhanced quality of identification in a data communications network |
US8281378B2 (en) * | 2006-10-20 | 2012-10-02 | Citrix Systems, Inc. | Methods and systems for completing, by a single-sign on component, an authentication process in a federated environment to a resource not supporting federation |
CN101163014A (zh) * | 2007-11-30 | 2008-04-16 | 中国电信股份有限公司 | 一种动态口令身份认证系统和方法 |
US20090210712A1 (en) | 2008-02-19 | 2009-08-20 | Nicolas Fort | Method for server-side detection of man-in-the-middle attacks |
US8302167B2 (en) * | 2008-03-11 | 2012-10-30 | Vasco Data Security, Inc. | Strong authentication token generating one-time passwords and signatures upon server credential verification |
US8683564B2 (en) * | 2010-06-27 | 2014-03-25 | King Saud University | One-time password authentication with infinite nested hash claims |
US8832807B1 (en) * | 2010-08-05 | 2014-09-09 | Christine E. Kuo | Method and apparatus for asynchronous dynamic password |
US8756706B2 (en) * | 2010-10-12 | 2014-06-17 | Blackberry Limited | Method for securing credentials in a remote repository |
US8683562B2 (en) * | 2011-02-03 | 2014-03-25 | Imprivata, Inc. | Secure authentication using one-time passwords |
US9225717B1 (en) * | 2013-03-14 | 2015-12-29 | Emc Corporation | Event-based data signing via time-based one-time authentication passcodes |
CN104662864B (zh) * | 2012-08-03 | 2018-03-09 | 威斯科数据安全国际有限公司 | 使用了移动认证应用的用户方便的认证方法和装置 |
US9218476B1 (en) * | 2012-11-07 | 2015-12-22 | Amazon Technologies, Inc. | Token based one-time password security |
US9124433B2 (en) * | 2012-12-28 | 2015-09-01 | Vasco Data Security, Inc. | Remote authentication and transaction signatures |
CN103258312B (zh) * | 2013-03-20 | 2015-10-28 | 东北大学 | 具有快速密钥流生成机制的数字图像加密方法 |
US9614815B2 (en) * | 2013-12-30 | 2017-04-04 | Vasco Data Security, Inc. | Authentication apparatus with a bluetooth interface |
KR101706173B1 (ko) * | 2013-12-31 | 2017-02-27 | 바스코 데이타 시큐리티 인터내셔널 게엠베하 | 모바일 애플리케이션을 보안하기 위한 방법 및 장치 |
CN103916234B (zh) * | 2014-04-11 | 2016-09-07 | 中国人民解放军沈阳军区总医院 | 一种应用于隐私保护的混沌医学图像加密方法 |
CN104753682B (zh) * | 2015-04-03 | 2019-05-14 | 北京奇虎科技有限公司 | 一种会话秘钥的生成系统及方法 |
-
2016
- 2016-12-30 ES ES16826678T patent/ES2952534T3/es active Active
- 2016-12-30 CN CN201680077508.9A patent/CN109075965B/zh active Active
- 2016-12-30 WO PCT/US2016/069464 patent/WO2017117520A1/en active Application Filing
- 2016-12-30 EP EP16826678.1A patent/EP3398289B1/de active Active
- 2016-12-30 JP JP2018534587A patent/JP6927981B2/ja active Active
- 2016-12-30 US US15/395,659 patent/US10511438B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
EP3398289A1 (de) | 2018-11-07 |
US10511438B2 (en) | 2019-12-17 |
CN109075965B (zh) | 2022-02-15 |
WO2017117520A8 (en) | 2018-08-30 |
JP2019506789A (ja) | 2019-03-07 |
CN109075965A (zh) | 2018-12-21 |
WO2017117520A1 (en) | 2017-07-06 |
US20170195316A1 (en) | 2017-07-06 |
ES2952534T3 (es) | 2023-11-02 |
EP3398289B1 (de) | 2023-06-07 |
JP6927981B2 (ja) | 2021-09-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
HK1253685A1 (zh) | 用於往復式治療設備的裝置、系統及方法 | |
GB2594423B (en) | System, apparatus and method | |
ZA201606650B (en) | Apparatus, system and method for blasting | |
HK1257811A1 (zh) | 方法、系統及裝置 | |
SG11201800297WA (en) | Method, apparatus and system for constructing user voiceprint model | |
HK1244388A1 (zh) | 方法、裝置和系統 | |
DK3183416T3 (en) | An apparatus for sealing a bore, a system comprising the apparatus and a method for using the apparatus | |
EP3398289C0 (de) | Verfahren, system und vorrichtung mit vorwärtssicherer kryptografie zur passcodeüberprüfung | |
PL2966605T3 (pl) | Sposób i system uwierzytelniania użytkownika | |
GB201608270D0 (en) | Method, system and apparatus | |
SG11201607184YA (en) | Authentication apparatus, authentication system, and authentication method | |
GB201704636D0 (en) | A method and system for authenticating a device | |
GB2531811B (en) | A method, system and apparatus for providing improved audience participation | |
SG10202005715QA (en) | Method, device, server and system for authenticating a user | |
PT3210417T (pt) | Método e aparelho para adquirir informações de sistema | |
GB201417624D0 (en) | Apparatus, system and method | |
GB2551089B (en) | Charging apparatus, system and method | |
EP3229190A4 (de) | Zahlungsverifizierungsverfahren, -vorrichtung und -system | |
GB2598190B (en) | A method and system for authenticating a device | |
GB201501809D0 (en) | Apparatus, system and method | |
HK1215744A1 (zh) | 種 的驗證方法、裝置和系統 | |
EP2981148A4 (de) | Verfahren, vorrichtung und system für eine verwaltungsvorrichtung | |
GB2560677B (en) | Method, device and system for creating communication groups | |
ZA201600809B (en) | System and method for authenticating a transaction | |
GB201414572D0 (en) | Apparatus, System and Method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: UNKNOWN |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20180711 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: MURDOCH, STEVEN JAMES |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20200117 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R079 Ref document number: 602016080089 Country of ref document: DE Free format text: PREVIOUS MAIN CLASS: H04L0009080000 Ipc: H04L0009400000 |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: H04L 9/32 20060101ALI20220921BHEP Ipc: H04L 9/08 20060101ALI20220921BHEP Ipc: H04L 9/40 20220101AFI20220921BHEP |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: GRANT OF PATENT IS INTENDED |
|
INTG | Intention to grant announced |
Effective date: 20221111 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE PATENT HAS BEEN GRANTED |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP Ref country code: AT Ref legal event code: REF Ref document number: 1578046 Country of ref document: AT Kind code of ref document: T Effective date: 20230615 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 602016080089 Country of ref document: DE |
|
U01 | Request for unitary effect filed |
Effective date: 20230707 |
|
U07 | Unitary effect registered |
Designated state(s): AT BE BG DE DK EE FI FR IT LT LU LV MT NL PT SE SI Effective date: 20230719 |
|
REG | Reference to a national code |
Ref country code: LT Ref legal event code: MG9D |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: NO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230907 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FG2A Ref document number: 2952534 Country of ref document: ES Kind code of ref document: T3 Effective date: 20231102 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: RS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 Ref country code: HR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230908 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GB Payment date: 20231227 Year of fee payment: 8 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20231007 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SM Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 Ref country code: RO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20231007 Ref country code: CZ Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: IE Payment date: 20231227 Year of fee payment: 8 |
|
U20 | Renewal fee paid [unitary effect] |
Year of fee payment: 8 Effective date: 20231227 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: PL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230607 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R097 Ref document number: 602016080089 Country of ref document: DE |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: ES Payment date: 20240102 Year of fee payment: 8 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: CH Payment date: 20240102 Year of fee payment: 8 |
|
26N | No opposition filed |
Effective date: 20240308 |